OTP Setup
During the install, you can select the option to enable OTP. Otherwise, you can run it later with the command:
bash /var/peers/wireguard-nowire/otp/setup_otp.bash
Next, add the file get_expire_account.bash to cron and run it hourly.
chmod +x get_expire_account.bash
cp get_expire_account.bash /etc/cron.hourly
Or add it to your crontab:
0 * * * * bash /var/peers/wireguard-nowire/get_expire_account.bash
Also, with OTP enabled, each VPN peer's connection expires every 24 hours by default unless otherwise specified. You will be prompted for this during the install, or you can edit wireguard-server.sh and, near the top, change:
OTP_HOURS=24
to whatever value you want. In bash, don't put spaces between the variable name, the = sign and the value.
Won't work:
OTP_HOURS = 48
Will work:
OTP_HOURS=48
When a user changes their password on the SSH server, it breaks their ability to use OTP, because their unique secret is protected with their password. The script nowire/register.php lets the user enter the old SSH password and the new one so that they can continue using their existing OTP authenticator.
Users will need to browse to:
https://yourserver/nowire/register.php
to enable OTP. They will authenticate using their SSH username and password and will receive a QR code to associate with their account. FreeOTP and Google Authenticator were tested.
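Why a password change breaks OTP, and what a re-wrap with the old and new password has to do, shown as an added example that is not taken from the wireguard-nowire scripts. It assumes the secret is encrypted under a key derived from the SSH password; the openssl enc scheme, the otp1: marker and the function names are illustrative assumptions.

```bash
#!/usr/bin/env bash
# Added illustration, not code from wireguard-nowire. The wrapping scheme
# (openssl enc, AES-256-CBC, PBKDF2) and all function names are assumptions.
# Needs OpenSSL 1.1.1 or newer for -pbkdf2.

MARKER='otp1:'   # constructed prefix used to recognise a correct decryption

# wrap_secret PASSWORD SECRET -> base64 blob on stdout
wrap_secret() {
    printf '%s%s' "$MARKER" "$2" |
        OTP_WRAP_PW="$1" openssl enc -aes-256-cbc -pbkdf2 -iter 200000 \
            -salt -a -pass env:OTP_WRAP_PW
}

# unwrap_secret PASSWORD BLOB -> secret on stdout, non-zero on wrong password
unwrap_secret() {
    local plain
    plain=$(printf '%s\n' "$2" |
        OTP_WRAP_PW="$1" openssl enc -d -aes-256-cbc -pbkdf2 -iter 200000 \
            -a -pass env:OTP_WRAP_PW 2>/dev/null) || return 1
    # CBC has no integrity check, so confirm the marker before trusting output.
    [ "${plain#"$MARKER"}" != "$plain" ] || return 1
    printf '%s' "${plain#"$MARKER"}"
}

# rewrap_secret OLD_PW NEW_PW BLOB -> new blob; fails unless OLD_PW is right
rewrap_secret() {
    local secret
    secret=$(unwrap_secret "$1" "$3") || return 1
    wrap_secret "$2" "$secret"
}

# Constructed sample values, not real credentials.
blob=$(wrap_secret 'old-ssh-pass' 'JBSWY3DPEHPK3PXP')
unwrap_secret 'new-ssh-pass' "$blob" >/dev/null ||
    echo 'new password alone: secret unreadable'
blob=$(rewrap_secret 'old-ssh-pass' 'new-ssh-pass' "$blob")
echo "after re-wrap: $(unwrap_secret 'new-ssh-pass' "$blob")"
```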